Showing results for 
Search instead for 
Did you mean: 

Cisco Community Designated VIP Class of 2020


dhcp dirty interfaces on wlc

Hey All,

We've currently deployed the 5508 wlc( with ssid's using interface groups. We have roughly 200 access points and a mixture of 3500, 1120, 1121 and 1230 access points running a a/g/n (where applicable) environment. We are working towards a campus wide deployment but in the mean time its more of a hotspot type install. We have our dhcp lease times (on external server) set to 1 hour but I notice the interfaces going "dirty" quite frequently and then back out. I've seen the diagram discussing how it goes through the dhcp process with interface groups but still have questions.

Example below.

ssid = work (wpa2 enterprise)

vlan 700 -

vlan 701 -

vlan 702 -

interface group - work_group and added vlan 700,701 and 702

My questions are below.

1. When the interface is "dirty" but the dhcp server sends a ping to the client for half life, does that re-enable the interface (remove the dirty status)?

2. Is there any standard practices when using interface groups?

3. For us being a hotspot, clients travel all over campus and interrmitently connect and disconnect which is why we see so many dirty statuses on the controller, is there a solution or best practice for this?

4. How does the interface group algorithm work? Round robin, least used first?

5. I don't think there is a way but I'll ask anyways, can you make the client perform dhcp for a new address each time instead of asking for its previous ip :>)?

Any other info about interface groups and best practices would be great.




Re: dhcp dirty interfaces on wlc

Hi Craig,

Thank you kindly for your suggsetion for my question.

Just curious that is the vlan 700, 701 and 702 in all your campus?

Since your roaming clients will try to get their previous IP address. If they could not get it,  will it add the DHCP dirty count for the current vlan interface?




Re: dhcp dirty interfaces on wlc

The wlc is centrally located and those vlans directly attach to it. We don't use ap groups as we broadcast all ssid's to every ap on campus.

As far as roaming, I see where your concern is and that's the issue we are facing as we continue to deploy wifi campus wide. If a client roams in our environment there is no issue cause those vlans are for that ssid all throughout campus.

The interface will get marked dirty if say " a client connects an uses ip for 5 minutes and just leaves but then comes back sometime later and requests their original ip but the dhcp server either has given that ip away or exhausted the dhcp scope. The contollers I believe will send out thy dhcp request to the next vlan in the group but the asking for the old ip address. This will happens 3 times then the controller will make that interface dirty for 30 mins.

Fr what I've seen but cannot say for sure is that if the dhcp server sends out a half life ping to the client an receives a response then the wlc will remove the dirty status on the interface.

I'm trying to mock it up in lab to verify but these are something's I've noticed


Sent from Cisco Technical Support iPhone App

Re: dhcp dirty interfaces on wlc

This is all good stuff. I have not played with this feature "yet". You may need to open a TAC case on this or maybe one of the Cisco guys here will chime in ...

Please, if you open a case post what you learned ...


"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
CreatePlease to create content
Content for Community-Ad

August's Community Spotlight Awards